From: Sean Christopherson <seanjc@google.com>
To: Vishal Annapurve <vannapurve@google.com>
Cc: pbonzini@redhat.com, dave.hansen@linux.intel.com,
rick.p.edgecombe@intel.com, dapeng1.mi@linux.intel.com,
mizhang@google.com, kai.huang@intel.com, jmattson@google.com,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 1/1] KVM: x86: Introduce has_protected_pmu state for TDX VMs
Date: Thu, 7 May 2026 10:43:42 -0700 [thread overview]
Message-ID: <afzPTtjuELBtnOVc@google.com> (raw)
In-Reply-To: <20260507142402.2175933-1-vannapurve@google.com>
On Thu, May 07, 2026, Vishal Annapurve wrote:
> PMU state for TDX VMs is virtualized by TDX Module [1]. Host has following
> toggles to control the PMU functionality exposed to TDX VMs:
> 1) Configure TD_PARAMS to allow guests to use performance monitoring.
> 2) Restrict the TD to a subset of the PEBS counters if supported.
> 3) Limit the TD to setup a certain perfmon events using basic/enhanced
> event filtering.
>
> KVM will need to be enlightened to support these toggles. Introduce
> has_protected_pmu state to track the pmu state for such scenarios
> and explicitly set the has_protected_pmu flag for TDX VMs.
>
> If pmu state is protected:
> 1) Disable KVM's PMU virtualization framework as additional
> enlightenment is needed within KVM to control/manage the
> visibility of PMU state to such VMs.
> 2) Disallow userspace VMM from toggling PMU virtualization state
> using KVM_CAP_PMU_CAPABILITY.
>
> [1] Section 15.2: https://cdrdv2.intel.com/v1/dl/getContent/733575
>
> Suggested-by: Sean Christopherson <seanjc@google.com>
> Signed-off-by: Vishal Annapurve <vannapurve@google.com>
>
> ---
> v2 -> v3:
> - Squashed two patches into a single patch as per feedback from Sean.
> - Dropped the cover letter.
...
> @@ -13375,7 +13376,10 @@ int kvm_arch_init_vm(struct kvm *kvm, unsigned long type)
> kvm->arch.default_tsc_khz = max_tsc_khz ? : tsc_khz;
> kvm->arch.apic_bus_cycle_ns = APIC_BUS_CYCLE_NS_DEFAULT;
> kvm->arch.guest_can_read_msr_platform_info = true;
> - kvm->arch.enable_pmu = enable_pmu;
> + if (kvm->arch.has_protected_pmu)
> + kvm->arch.enable_pmu = false;
> + else
> + kvm->arch.enable_pmu = enable_pmu;
Once more, with feeling :-)
kvm->arch.enable_pmu = enable_pmu && !kvm->arch.has_protected_pmu;
No need for a v4, I'll fixup when applying (assuming this is indeed the directin
we take).
>
> #if IS_ENABLED(CONFIG_HYPERV)
> spin_lock_init(&kvm->arch.hv_root_tdp_lock);
> --
> 2.54.0.563.g4f69b47b94-goog
>
next prev parent reply other threads:[~2026-05-07 17:43 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-07 14:24 [PATCH v3 1/1] KVM: x86: Introduce has_protected_pmu state for TDX VMs Vishal Annapurve
2026-05-07 17:43 ` Sean Christopherson [this message]
2026-05-07 20:11 ` Sean Christopherson
2026-05-07 21:32 ` Vishal Annapurve
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afzPTtjuELBtnOVc@google.com \
--to=seanjc@google.com \
--cc=dapeng1.mi@linux.intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=jmattson@google.com \
--cc=kai.huang@intel.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mizhang@google.com \
--cc=pbonzini@redhat.com \
--cc=rick.p.edgecombe@intel.com \
--cc=vannapurve@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.